Overview
Ivanti has released its May 2024 Security Advisory that lists multiple Ivanti products affected by 16 vulnerabilities with high-severity and critical-severity ratings. These vulnerabilities could have various consequences that include denial-of-service, arbitrary code execution, privilege escalation and cross-site scripting.
The Ivanti Endpoint Manager Mobile (EPMM) is affected by three vulnerabilities that could allow privilege escalation and SQL injection.
Veeam Backup Enterprise Manager is affected by a critical-severity vulnerability, CVE-2024-29849 that could allow an unauthenticated attacker to log in to the web interface as any user. Additionally, this product is affected by high-severity vulnerability CVE-2024-29849, that could allow an account takeover via NTLM relay. Updating to the latest version should resolve this vulnerability.
Adobe Dreamweaver versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does require user interaction.
Git, the distributed version control system, is affected by a remote code-execution, critical-severity vulnerability, CVE-2024-32002. Specifically, the flaw could be exploited by an attacker with submodules drafted in a particular way that can lead to writing files to the .git/ directory instead of the submodule’s worktree.
Hewlett Packard Enterprise has reported several vulnerabilities affecting the Aruba InstantOS and Aruba Access Points. These buffer-flow and command-injection vulnerabilities all have a severity ratings ranging from 9.8 to 7.2 and could lead to unauthenticated remote code execution. The critical vulnerabilities are as follows: CVE-2024-31466; CVE-2024-31467; CVE-2024-31468; CVE-2024-31469; CVE-2024-31470; CVE-2024-31471; CVE-2024-31472; CVE-2024-31473
SolarWinds Access Rights Manager is affected by a critical-severity, remove code-execution vulnerability, CVE-2024-28075, that allows an authenticated user to abuse SolarWinds service.
VMWare products are affected by three vulnerabilities:
- CVE-2024-22273 – an out-of-bounds vulnerability in VMWare ESXI, Cloud Formation, Workstation and Fusion
- CVE-2024-22274 – an authenticated remote code-execution vulnerability in the vCenter vulnerability
- CVE-2024-22275 – a partial file-read vulnerability in the vCenter Server
Recommended Action
Organisations are encouraged to review the appropriate security advisory pages and apply the updates:
Ivanti – May Security Advisory and EPMM Security Advisory
Veeam – Support Knowledge Base
Adobe – Security Bulletin
Git – Security Advisories
HPE Aruba – Security Advisories
SolarWinds – Security Advisories
VMWare – Broadcom Security Advisories
If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.